Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Syslog protocol (rfc5424 and rfc5425) utilities

Project Description

loggerglue is intended to be a general purpose glue layer for the syslog protocol as decribed in rfc5424 and rfc5425.

This package includes:

  • a pyparsing parser for rfc5424
  • a wrapper class for rfc5424 syslog entries
  • an emitter for syslog messages, and associated convenience classes
  • a SyslogServer class supporting TLS (rcf5425)

A client example

Log a simple message with structured data to the local syslog daemon:

from loggerglue import logger
from loggerglue.rfc5424 import SDElement
from loggerglue.constants import *
l = logger.Logger()
l.log(prival=LOG_INFO|LOG_USER,
      msg="Test message",
      structured_data=[
          SDElement("origin",
              [("software","test script"), ("swVersion","0.0.1")])
      ])

A trivial server example

A simple TLS enabled server can be built as follows:

from loggerglue.server import SyslogServer, SyslogHandler

class SimpleHandler(SyslogHandler):
    def handle_entry(self, entry):
        print 'On %s from %s: %s' % \
                (entry.timestamp, entry.hostname, entry.msg)

s = SyslogServer(('127.0.0.1', 6514), SimpleHandler,
                 keyfile='loggerglue-key.pem',
                 certfile='loggerglue-cert.pem')
s.serve_forever()

Here’s an example rsyslog configuration:

$IncludeConfig /etc/rsyslog.d/*.conf

$DefaultNetstreamDriverCAFile /path/to/loggerglue-ca-cert.pem
$DefaultNetstreamDriver gtls
$ActionSendStreamDriverMode 1
$ActionSendStreamDriverAuthMode anon

*.* @@(o)localhost:6514;RSYSLOG_SyslogProtocol23Format

A more advanced server example

In this exemple we index the log data as it comes using Whoosh.

from loggerglue.server import SyslogServer, SyslogHandler
from whoosh import index
from whoosh.fields import *
import os.path

schema = Schema(prio=ID(stored=True),
                timestamp=DATETIME(stored=True),
                hostname=ID(stored=True),
                app_name=ID(stored=True),
                procid=ID(stored=True),
                msgid=ID(stored=True),
                msg=TEXT(stored=True)
                )

if os.path.exists('indexdir'):
    ix = index.open_dir('indexdir')
else:
    os.mkdir('indexdir')
    ix = index.create_in('indexdir', schema)

class SimpleHandler(SyslogHandler):
    def handle_entry(self, entry):
        writer = ix.writer()
        writer.add_document(prio=entry.prival,
                            timestamp=entry.timestamp,
                            hostname=entry.hostname,
                            app_name=entry.app_name,
                            procid=entry.procid,
                            msgid=entry.msgid,
                            msg=entry.msg)
        writer.commit()

s = SyslogServer(('127.0.0.1', 6514), SimpleHandler,
                 keyfile='loggerglue-key.pem',
                 certfile='loggerglue-cert.pem')
s.serve_forever()

And now a small search tool:

from whoosh import index
from whoosh.qparser import QueryParser

import sys
if len(sys.argv) == 1:
    print 'usage: %s <search terms>' % sys.argv[0]
    sys.exit(1)

ix = index.open_dir('indexdir')
searcher = ix.searcher()
query = QueryParser('msg').parse(' '.join(sys.argv[1:]))
results = searcher.search(query)
print '%d results\n' % len(results)
for r in results:
    print '%s\n' % str(r)
searcher.close()

1.0 (25/03/2011)

  • Wladimir van der Laan <laanwj@gmail.com>
    • Add Sphinx-based documentation and docstrings
    • Emitter for syslog messages, and associated convenience classes
    • Fixes for RFC 5424 edge cases
    • Allow multiple of the same key in STRUCTURED-DATA by representing the parameters using a multidict

0.9 (28/01/2011)

  • Initial release.
Release History

Release History

This version
History Node

1.0

History Node

0.9

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
loggerglue-1.0.tar.gz (19.3 kB) Copy SHA256 Checksum SHA256 Source Mar 25, 2011

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting